Fire up your Mac's firewall

You’ll find your Mac’s firewall in the Security and Privacy preference in the System Preferences app.

You’ll find your Mac’s firewall in the Security and Privacy preference in the System Preferences app.

A few weeks back, after the Working Mac column about scanning your Mac for viruses I received an email message from Yolanda:

Hope you can help your readers with something that I haven't found. I've just purchased my first Mac after being on Windows for about 15 years, so I'm looking around for reputable recommendations of free and good anti-virus/firewall programs.

The article Yolanda linked to recommended ClamXav for scanning your Mac for viruses, but Yolanda was correct, there was no mention made of firewall applications.

Most people, whether you're using a Mac or a PC, are aware that commercial virus scanning applications such as Norton Security not only provide virus and malware protection, they also include firewall protection.

What's a firewall? In the simplest terms it's hardware on your network or a piece of software on your computer that limits the way other computers can send data to or receive data from your Mac. (For a more detailed explanation on Firewalls, have a look at Jeff Tyson's, How Firewalls Work).

While you can certainly spend money on firewall applications for your Mac--the aforementioned Norton Security application will set you back a minimum of $45 per year--your Mac, no surprise, already includes an excellent, built-in, free Application Level Firewall that, with minimal configuration, will do everything you need. So, why spend anything at all, when you can have great for free?

You'll find your Mac's firewall in the Security and Privacy preference in the System Preferences app.

  • Open System Preferences
  • Click Security and Privacy or
  • Type Firewall in System Preferences search field and select "Turn Firewall on or off"

Before you can make changes to the Security and Privacy preference you need to authenticate as an administrator:

  • Click the lock at the bottom left of the Security and Privacy preference
  • Enter your password

To start using the firewall, once you've entered your password, all you need to do is click the button that says Turn On Firewall

That's it! But there's more to the the built-in firewall than meets the eye, so let's take a look at what's going on behind the scenes.

  • Click the button that says Firewall Options

Depending on what applications you have running and which sharing services you have turned on, what you'll see when you look at Firewall Options may be a little different than what you see in the following screenshot:

If you don't see anything, that means you don't currently have any applications running that are sending or receiving network traffic.

If you do see something in the list, it means that the Application Level Firewall trusts that application and is allowing it to send and receive network traffic. How and why the firewall trusts an application is more than we can go into in detail here, but it's because of something called Code Signing Certificates, which Apple only issues to trusted applications. Any application with one of these trusted certificates can request and be granted access to allow traffic to pass through Application Level Firewall.

Let's see how this works automatically:

  • Make sure that the only box that's checked is the one that says, "Automatically allow signed software to receive incoming connections"
  • Take note of the applications listed in the list of allowed applications
  • Click OK
  • Open the Sharing preference in System Preferences
  • Put a check in the box that says File Sharing or, if that's already selected, put a check in one of the other sharing boxes
  • Re-open the Security and Privacy preference
  • Click the Firewall Options button
  • Look at the list of allowed applications

If you selected File Sharing in the Sharing preference you should now see File Sharing (AFP, SMB) in the list of allowed applications.

The beauty of Apple's built-in Application Level Firewall is that you don't need to do anything other than turn it on. Your Mac will take care of determining whether or not an application should be allowed to send and receive network traffic.

Join the CSO newsletter!

Error: Please check your email address.

Tags securityOS Xsoftwareoperating systemsinternetnorton

More about AppleClickNorton

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jeffery Battersby

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place